New sequence for installing openvpn with setup of custom scripts

2021-03-27 05:35:11 +00:00
parent 260daa009c
commit 741d0c74c9
7 changed files with 168 additions and 0 deletions
--- a/seqs/openvpn/down.sh
+++ b/seqs/openvpn/down.sh
@@ -0,0 +1,5 @@
+#! /bin/bash
+echo "Restoring original nameservers"
+rm -f /etc/resolv.conf
+cp -f /etc/resolv.conf.default /etc/resolv.conf
+echo "Done restoring nameservers cheers"
--- a/seqs/openvpn/my.conf
+++ b/seqs/openvpn/my.conf
@@ -0,0 +1,22 @@
+# Set output verbosity (3 recommended by openvpn)
+# 0 -- No output except fatal errors.
+# 1 to 4 -- Normal usage range.
+# 5  --  Output R and W characters to the console for each packet read
+# and write, uppercase is used for TCP/UDP packets  and  lowercase  is
+# used for TUN/TAP packets.
+# 6  to 11 -- Debug info range (see errlevel.h for additional informtion
+verb 1
+
+# Always add custom nameserver
+#dhcp-option DNS 208.67.222.222 
+#dhcp-option DNS 84.200.69.80
+
+# Mute common false alarm on WiFi networks
+mute-replay-warnings
+
+# Allow openvpn to call user defined scripts
+script-security 2
+
+# Execute our custom up and down scripts
+up /usr/lib/openvpn/vpn-up
+down /usr/lib/openvpn/vpn-down
--- a/seqs/openvpn/up.sh
+++ b/seqs/openvpn/up.sh
@@ -0,0 +1,38 @@
+#! /bin/bash
+DEV=$1
+
+if [ ! -d /tmp/openvpn ]; then
+  mkdir /tmp/openvpn
+fi
+CACHE_NAMESERVER="/tmp/$DEV.nameserver"
+echo -n "" > $CACHE_NAMESERVER
+
+TEMP_LOG="/tmp/openvpn_dns.log"
+echo "DNS openvpn" > "$TEMP_LOG"
+echo -e "${foreign_option_1}\n${foreign_option_2}\n$foreign_option_3" >> "$TEMP_LOG"
+
+rm -rf /tmp/resolv.conf
+touch /tmp/resolv.conf
+dns=dns
+for opt in ${!foreign_option_*}
+do
+  eval "echo \$$opt" >> "$TEMP_LOG"
+  eval "dns=\${$opt#dhcp-option DNS }"
+  if [[ $dns =~ [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ]]; then
+    if [ ! -f /etc/resolv.conf.default ]; then
+      cp /etc/resolv.conf /etc/resolv.conf.default
+    fi
+
+    # don't add "local" dns server
+    #cat /etc/resolv.conf | grep -v ^# | grep -v ^nameserver > /tmp/resolv.conf
+
+    echo "nameserver $dns" >> /tmp/resolv.conf
+    echo $dns >> $CACHE_NAMESERVER
+    #cat /etc/resolv.conf | grep -v ^# | grep -v "nameserver $dns" | grep nameserver >> /tmp/resolv.conf
+
+  fi
+done
+
+if [ -e "/tmp/resolv.conf" ]; then
+  mv /tmp/resolv.conf /etc/resolv.conf
+fi
--- a/seqs/openvpn/vpn-down
+++ b/seqs/openvpn/vpn-down
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# Manage nameserver with resolvconf
+#/etc/openvpn/update-resolv-conf
+
+# Manage nameserver with /etc/resolv.conf only
+#/usr/lib/openvpn/down.sh $@
+
+# Delete route to internal network
+#/usr/sbin/ip route del 10.5.0.0/24 via 192.168.0.20 dev eth0
+
+# Stop services only active while vpn is connected
+/usr/lib/openvpn/vpn-services stop
--- a/seqs/openvpn/vpn-services
+++ b/seqs/openvpn/vpn-services
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Default or unrecognized stops the listed services
+serviceOp="stop"
+
+case $1 in
+  start|restart|stop)
+    serviceOp="$1";;
+  *)
+    >&2 echo "Unrecognized argument. Stopping services"
+    serviceOp="stop";;
+esac
+
+#/usr/sbin/service danted $serviceOp
+#/usr/sbin/service privoxy $serviceOp
--- a/seqs/openvpn/vpn-up
+++ b/seqs/openvpn/vpn-up
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Make sure firewall is active
+#ufw --force enable
+
+# Manage nameserver with resolvconf
+#/etc/openvpn/update-resolv-conf
+
+# Manage nameserver with /etc/resolv.conf only
+#/usr/lib/openvpn/up.sh $@
+
+# Add route to internal network
+#/usr/sbin/ip route add 10.5.0.0/24 via 192.168.0.20 dev eth0
+
+# Start services only active while vpn is connected
+/usr/lib/openvpn/vpn-services start